Best

Windows Server 2012 Best Practices, Windows Server Hardening Checklist

This section guides you in best practices in setting up a Web Server for installation of EMS web-based products and is intended for experienced System Administrators.  Please be aware that we can only provide instructions for modifying your web server as tested in our facilities, and cannot guarantee results for your configuration. Lastly, after completing these modifications, you will need to perform your own adjustments to system security etc.  

Before you start the installation process, review EMS System Requirements. The minimum hardware requirements must be met to continue with the configuration below. Administrative rights will be necessary to enable the roles and features listed for each Windows Server.     

This topic provides information on the following: 

To Install Internet Information Services (IIS) Windows Server 2012/2012 R2

To Install .NET Framework 3.5 

Navigate to Start > All Programs > Administrative Tools > Server Manager In the Server Manager interface, click Features to view all the installed Features in the right pane. In the Server Manager interface, select Add Features to lists possible features. In the Select Features interface, expand .NET Framework 3.5.1 Features. Once expanded, select .NET Framework 3.5.1 and click Next.

*

In the Confirm Installation Selections interface, review the selections, then click Install. Once the installation process completes, click Close.

To Install .NET Framework 4.5: Regics Only 

Windows Server 2008/2008 R2 does not have a built-in option to install .NET Framework 4.5. In order to install .NET Framework 4.5, the Server Administrator will need to download the following redistributable to the server and install it following the instructions.

See Also: .NET Framework 4.5.

Đang xem: Windows server 2012 best practices

To Install Internet Information Services (IIS) 

To install IIS on a Windows Server 2008, follow the instructions below.

Navigate to Start > All Programs > Administrative Tools > Server Manager.

*

In the Server Manager window, scroll down to Roles Summary, and then click Add Roles. Select Web Server (IIS) on the Select Server Roles page. An introductory page will open with links for further information.The Web Server (IIS) role in Windows Server 2012 provides a secure, easy-to-manage, modular and extensible platform for reliably hosting websites, services, and applications.

*

To Add Role Services 

When adding IIS using the Add Roles Wizard, only the default installation is executed, which has a minimum set of role services. For EMS products, it is necessary to add role services for the programs to function properly. If role services are added after installing IIS, the Server Administrator will need to navigate to the Role Services page by following the above directions and then clicking Next.

Select the following IIS Role Services to be installed:

Common HTTP Features

Static Content – Static Content lets the Web server publish static Web file formats, such as HTML pages and image files. Use Static Content to publish files on a Web server that users can then view using a Web browser. Default Document – Default Document lets organizations configure a default file for the Web server to return when users do not specify a file in a URL. Default documents make it easier and more convenient for users to reach an organizations Web site. HTTP Errors – HTTP Errors lets organizations customize the error messages returned to users’ browsers when the Web server detects a fault condition. Use HTTP errors to give users a better user experience when they run up against an error message. Consider providing users with an e-mail address for staff who can help them resolve the error. Application Development

See also  Best Burger In Hoboken - The 10 Best Burgers In Hoboken (Updated July 2021

ASP.NET – ASP.NET provides a server side object-oriented programming environment for building Web sites and Web applications that use managed code. ASP.NET is not just a new version of ASP. ASP.NET provides a robust infrastructure for building Web applications, and it has been completely re-architected to provide a highly productive programming experience based on the .NET Framework. .NET Extensibility – .NET Extensibility lets managed code developers change, add, and extend Web server functionality in the request pipeline, the configuration, and the UI. Developers can use the familiar ASP.NET extensibility model and rich .NET APIs to build Web Server features that are just as powerful as those written using the native C++ APIs. ISAPI Extensions – Internet Server Application Programming Interface (ISAPI) Extensions provides support for dynamic Web content development using ISAPI extensions. An ISAPI extension runs when requested, just like any other static HTML file or dynamic ASP file. Since ISAPI applications are compiled code, they are processed much faster than ASP files or files that call COM+ components. ISAPI Filters – Internet Server Application Programming Interface (ISAPI) Filters provides support for Web applications that use ISAPI filters. ISAPI filters are files that can extend or change the functionality provided by IIS. An ISAPI filter reviews every request made to the Web server, until the filter finds one that it needs to process. Health and Diagnostics

 

HTTP Logging – HTTP Logging provides logs site activity for this server. When a loggable event (usually an HTTP transaction) occurs, IIS calls the selected logging module, which then writes to one of the logs stored in the file system of the Web server. These logs are kept in addition to those provided by the operating system. Request Monitoring – Request Monitor provides infrastructure to monitor Web application health by capturing information about HTTP requests in an IIS worker process. Administrators and developers can use Request Monitor to understand which HTTP requests are executing in a worker process when the worker process has become unresponsive or very slow. Security

Windows Authentication – Windows Authentication is a low cost authentication solution for internal Web sites. This authentication scheme allows administrators in a Windows domain to take advantage of the domain infrastructure for authenticating users. Do not use Windows authentication if users who must be authenticated access an organization”s website from behind firewalls and proxy servers. Request Filtering – Request Filtering screens all incoming requests to the server and filters these requests based on rules set by the administrator. Many malicious attacks share common characteristics, such as very long URLs, or requests for an unusual action. Filtering requests, can attempt to reduce the impact of these types of attacks. Performance

Static Content Compression – Static Content Compression provides infrastructure to configure HTTP compression of static content. This provides more efficient use of bandwidth. Unlike dynamic responses, compressed static responses can be cached without degrading CPU resources.

Management Tools

IIS Management Console – IIS Manager provides infrastructure to manage IIS by using a graphical user interface. IIS Manager can be used to manage a local or remote Web server that runs IIS.

See also  Best Dagger?: Dark Souls Best Dagger Pve Users? Please Teach Me

Xem thêm: Baby Trend Navigator Double Jogging Stroller, Vanguard, Baby Trend Navigator Review

Windows Server 2012/2012 R2 

Before you start the installation process, see our system requirements. The minimum hardware requirements must be met to continue with the below configuration. Administrative rights will be necessary to enable the roles and features listed for each Windows Server.

In Server Manager, click Manage and then select Add Roles and Features to start the Add Roles and Features Wizard.

 

*

On the Select installation type screen, select Add roles and Features. Select the target server. The wizard presents a Before you Begin prompt.

*

Click Next. The wizard advances to the Installation Type prompt.

*

Select Role-based or feature-based installation. Click Next. The wizard advances you to the Server Selection prompt.

*

Select your server and click Next. The wizard advances you to the Server Roles prompt.

*

Select Web Server (IIS) and click Next. The wizard advances you to the Features prompt.

*

Select the .NET Framework Framework 3.5 and .NET Framework 4.5 options. The wizard prompts you to confirm for each option.

*

Click Next. Repeat this confirmation step for the .NET 4.5 server role. The Wizard advances you to the Select Role Services prompt.

Select both ASP .NET 3.5 and ASP .NET 4.5 options. The wizard advances you to the Confirmation Prompt. Review the selections and then click Install. Allow the installation process to complete, review the results that display, and then click Close.

To Install .NET Framework 4.5: Regics Only 

Once expanded, select both the .NET Framework 4.5 and ASP.NET 4.5 options and click Next. 

Review the selections and then click Install. Allow the installation process to complete, review the results that display, and then click Close.

To Add Role Services 

When adding IIS using the Add Roles Wizard, only the default installation is executed, which has a minimum set of role services. For EMS products, it is necessary to add role services for the programs to function properly. If role services are added after installing IIS, the Server Administrator will need to navigate to the Role Services page by following the above directions then clicking Next.

Select the following IIS Role Services to be installed:

Common HTTP Features

Static Content – Static Content lets the Web server publish static Web file formats, such as HTML pages and image files. Use Static Content to publish files on a Web server that users can then view using a Web browser. Default Document – Default Document lets organizations configure a default file for the Web server to return when users do not specify a file in a URL. Default documents make it easier and more convenient for users to reach an organizations Web site. Directory Browsing – Directory Browsing lets users see the contents of a directory on a Web server. Use Directory Browsing to enable an automatically generated list of all directories and files available in a directory when users do not specify a file in a URL and default documents are either disabled or not configured. HTTP Errors – HTTP Errors lets organizations customize the error messages returned to users’ browsers when the Web server detects a fault condition. Use HTTP errors to give users a better user experience when they run up against an error message. Consider providing users with an e-mail address for staff who can help them resolve the error. Application Development

See also  Best Place To Farm Helium Filaments ?: Destinythegame Best Destiny Helium Filaments Farming Route

ASP.NET – ASP.NET provides a server side object-oriented programming environment for building Web sites and Web applications that use managed code. ASP.NET is not just a new version of ASP. ASP.NET provides a robust infrastructure for building Web applications, and it has been completely re-architected to provide a highly productive programming experience based on the .NET Framework. .NET Extensibility – .NET Extensibility lets managed code developers change, add, and extend Web server functionality in the request pipeline, the configuration, and the UI. Developers can use the familiar ASP.NET extensibility model and rich .NET APIs to build Web Server features that are just as powerful as those written using the native C++ APIs. ISAPI Extensions – Internet Server Application Programming Interface (ISAPI) Extensions provides support for dynamic Web content development using ISAPI extensions. An ISAPI extension runs when requested, just like any other static HTML file or dynamic ASP file. Since ISAPI applications are compiled code, they are processed much faster than ASP files or files that call COM+ components. ISAPI Filters – Internet Server Application Programming Interface (ISAPI) Filters provides support for Web applications that use ISAPI filters. ISAPI filters are files that can extend or change the functionality provided by IIS. An ISAPI filter reviews every request made to the Web server, until the filter finds one that it needs to process. Health and Diagnostics

 

HTTP Logging – HTTP Logging provides logs site activity for this server. When a loggable event (usually an HTTP transaction) occurs, IIS calls the selected logging module, which then writes to one of the logs stored in the file system of the Web server. These logs are kept in addition to those provided by the operating system. Request Monitoring – Request Monitor provides infrastructure to monitor Web application health by capturing information about HTTP requests in an IIS worker process. Administrators and developers can use Request Monitor to understand which HTTP requests are executing in a worker process when the worker process has become unresponsive or very slow. Security

Windows Authentication – Windows Authentication is a low cost authentication solution for internal Web sites. This authentication scheme allows administrators in a Windows domain to take advantage of the domain infrastructure for authenticating users. Do not use Windows authentication if users who must be authenticated access an organization”s website from behind firewalls and proxy servers. Request Filtering – Request Filtering screens all incoming requests to the server and filters these requests based on rules set by the administrator. Many malicious attacks share common characteristics, such as very long URLs, or requests for an unusual action. Filtering requests, can attempt to reduce the impact of these types of attacks. Performance

Static Content Compression – Static Content Compression provides infrastructure to configure HTTP compression of static content. This provides more efficient use of bandwidth. Unlike dynamic responses, compressed static responses can be cached without degrading CPU resources.

Xem thêm: Best Fiends Level 50 No Boosters: U_Agsmoogo, How To Beat Best Fiends Level 50

Management Tools

IIS Management Console – IIS Manager provides infrastructure to manage IIS by using a graphical user interface. IIS Manager can be used to manage a local or remote Web server that runs IIS.

See more articles in category: Best

Leave a Reply

Back to top button